getTestServer(); $request = TestRequest::createPost(array( 'grant_type' => 'password', // valid grant type 'client_id' => 'Test Client ID', // valid client id 'client_secret' => 'TestSecret', // valid client secret 'password' => 'testpass', // valid password )); $server->grantAccessToken($request, $response = new Response()); $this->assertEquals($response->getStatusCode(), 400); $this->assertEquals($response->getParameter('error'), 'invalid_request'); $this->assertEquals($response->getParameter('error_description'), 'Missing parameters: "username" and "password" required'); } public function testNoPassword() { $server = $this->getTestServer(); $request = TestRequest::createPost(array( 'grant_type' => 'password', // valid grant type 'client_id' => 'Test Client ID', // valid client id 'client_secret' => 'TestSecret', // valid client secret 'username' => 'test-username', // valid username )); $server->grantAccessToken($request, $response = new Response()); $this->assertEquals($response->getStatusCode(), 400); $this->assertEquals($response->getParameter('error'), 'invalid_request'); $this->assertEquals($response->getParameter('error_description'), 'Missing parameters: "username" and "password" required'); } public function testInvalidUsername() { $server = $this->getTestServer(); $request = TestRequest::createPost(array( 'grant_type' => 'password', // valid grant type 'client_id' => 'Test Client ID', // valid client id 'client_secret' => 'TestSecret', // valid client secret 'username' => 'fake-username', // valid username 'password' => 'testpass', // valid password )); $token = $server->grantAccessToken($request, $response = new Response()); $this->assertEquals($response->getStatusCode(), 401); $this->assertEquals($response->getParameter('error'), 'invalid_grant'); $this->assertEquals($response->getParameter('error_description'), 'Invalid username and password combination'); } public function testInvalidPassword() { $server = $this->getTestServer(); $request = TestRequest::createPost(array( 'grant_type' => 'password', // valid grant type 'client_id' => 'Test Client ID', // valid client id 'client_secret' => 'TestSecret', // valid client secret 'username' => 'test-username', // valid username 'password' => 'fakepass', // invalid password )); $token = $server->grantAccessToken($request, $response = new Response()); $this->assertEquals($response->getStatusCode(), 401); $this->assertEquals($response->getParameter('error'), 'invalid_grant'); $this->assertEquals($response->getParameter('error_description'), 'Invalid username and password combination'); } public function testValidCredentials() { $server = $this->getTestServer(); $request = TestRequest::createPost(array( 'grant_type' => 'password', // valid grant type 'client_id' => 'Test Client ID', // valid client id 'client_secret' => 'TestSecret', // valid client secret 'username' => 'test-username', // valid username 'password' => 'testpass', // valid password )); $token = $server->grantAccessToken($request, new Response()); $this->assertNotNull($token); $this->assertArrayHasKey('access_token', $token); } public function testValidCredentialsWithScope() { $server = $this->getTestServer(); $request = TestRequest::createPost(array( 'grant_type' => 'password', // valid grant type 'client_id' => 'Test Client ID', // valid client id 'client_secret' => 'TestSecret', // valid client secret 'username' => 'test-username', // valid username 'password' => 'testpass', // valid password 'scope' => 'scope1', // valid scope )); $token = $server->grantAccessToken($request, new Response()); $this->assertNotNull($token); $this->assertArrayHasKey('access_token', $token); $this->assertArrayHasKey('scope', $token); $this->assertEquals($token['scope'], 'scope1'); } public function testValidCredentialsInvalidScope() { $server = $this->getTestServer(); $request = TestRequest::createPost(array( 'grant_type' => 'password', // valid grant type 'client_id' => 'Test Client ID', // valid client id 'client_secret' => 'TestSecret', // valid client secret 'username' => 'test-username', // valid username 'password' => 'testpass', // valid password 'scope' => 'invalid-scope', )); $token = $server->grantAccessToken($request, $response = new Response()); $this->assertEquals($response->getStatusCode(), 400); $this->assertEquals($response->getParameter('error'), 'invalid_scope'); $this->assertEquals($response->getParameter('error_description'), 'An unsupported scope was requested'); } public function testNoSecretWithPublicClient() { $server = $this->getTestServer(); $request = TestRequest::createPost(array( 'grant_type' => 'password', // valid grant type 'client_id' => 'Test Client ID Empty Secret', // valid public client 'username' => 'test-username', // valid username 'password' => 'testpass', // valid password )); $token = $server->grantAccessToken($request, $response = new Response()); $this->assertNotNull($token); $this->assertArrayHasKey('access_token', $token); } public function testNoSecretWithConfidentialClient() { $server = $this->getTestServer(); $request = TestRequest::createPost(array( 'grant_type' => 'password', // valid grant type 'client_id' => 'Test Client ID', // valid public client 'username' => 'test-username', // valid username 'password' => 'testpass', // valid password )); $token = $server->grantAccessToken($request, $response = new Response()); $this->assertEquals($response->getStatusCode(), 400); $this->assertEquals($response->getParameter('error'), 'invalid_client'); $this->assertEquals($response->getParameter('error_description'), 'This client is invalid or must authenticate using a client secret'); } private function getTestServer() { $storage = Bootstrap::getInstance()->getMemoryStorage(); $server = new Server($storage); $server->addGrantType(new UserCredentials($storage)); return $server; } }